by Jeremy Feigelson, Avi Gesser, Paul Rodel, Joshua Samit, Charu Chandrasekhar, and Corey Goldstein 

The U.S. Securities and Exchange Commission this week took the rare step of penalizing a company for its allegedly poor disclosure of a cyber incident. The SEC announced a $1 million civil penalty against Pearson plc (“Pearson”), a London-based educational publishing company that is a U.S. securities issuer. The penalty resolves charges that Pearson misled investors related to a 2018 data breach. Continue reading →